The following is a summary of features within WebSphere® Application Server OAuth 2.0
services.
- WebSphere Application
Server acts as an OAuth Service Provider (SP) to handle OAuth 2.0
protocol requests.
- WebSphere Application
Server acts as protected resource enforcement endpoint to authorize
or deny requests for deployed web resources.
- Allow multiple service providers to co-exist.
- Allow administrator to revoke access tokens.
- Allow client to revoke its authorization given by a user.
- Optionally provide a Subject for a resource application to make
an authenticated downstream call or perform programmatic J2EE security.
- Support 4 typical OAuth 2.0 flows as defined in the protocol.
- Support persistent OAuth services.